-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-103A Microsoft Updates for Multiple Vulnerabilities Original release date: April 13, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Office * Microsoft Exchange Overview Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Exchange. I. Description Microsoft has released security bulletins for multiple vulnerabilities in Microsoft Windows, Microsoft Windows Media Server on Windows 2000 Server, Microsoft Office Publisher, Microsoft Office Visio, and Microsoft Exchange. These bulletins are described in the Microsoft Security Bulletin Summary for April 2010. II. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a vulnerable application to crash, or spoof IPv4 addresses. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for April 2010. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for April 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-apr.mspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-103A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@xxxxxxxx> with "TA10-103A Feedback VU#570980" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History April 13, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBS8TEYT6pPKYJORa3AQI8WggAhOE9eq33blbV7ZzCXYp7HolNgqrQyS5I nuwcdGnLSL58IuELknYG1hSc0xQ8HuFoqjrGpQS12ie6ZxfwfCC5T0hn0jtoW2bo MXKh2/EchmUsjTyLbMnI0dRdTKOx1IGx+zLgbAjLYgmqKyNP674luMToXGLf3Q3+ pJStg5OBFRRZcXlYSnDHjrG/sA9mXo1Wg+0nOnCfZtZLNAvhm1Kl6BMncSNhcw1s EBgyGeSzQji9W88b5iJ/tNLscCgqExRh6KvWkNd8oxJEn1WvZVCQW1X4M9oqN75M jK+EZ7tYc5E+yn2evWpSqGQByBBig04MCu/cMP2uKCwNbCjnetwrMg== =io+S -----END PGP SIGNATURE-----